The kernel in Apple iOS prior to 6.1 and Apple TV prior to 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple tvos 2.0.0 |
||
apple tvos 2.0.1 |
||
apple tvos 1.0.0 |
||
apple tvos 1.1.0 |
||
apple tvos 4.4.0 |
||
apple tvos 5.1.0 |
||
apple tvos 2.1.0 |
||
apple tvos 2.2.0 |
||
apple tvos 4.1.1 |
||
apple tvos 4.4.3 |
||
apple tvos 4.2.2 |
||
apple tvos 4.1.0 |
||
apple tvos 4.3.0 |
||
apple tvos 2.3.0 |
||
apple tvos 2.4.0 |
||
apple tvos 4.4.4 |
||
apple tvos 5.0.1 |
||
apple tvos 5.0.2 |
||
apple tvos 4.2.1 |
||
apple tvos 3.0.1 |
||
apple tvos 3.0.2 |
||
apple tvos |
||
apple tvos 2.0.2 |
||
apple tvos 4.4.2 |
||
apple tvos 5.0.0 |
||
apple tvos 4.2.0 |
||
apple tvos 2.3.1 |
||
apple tvos 3.0.0 |
||
apple iphone os 6.0.1 |
||
apple iphone os |
||
apple iphone os 6.0 |